13485cert

Archive for the ‘Training’ Category

How to recruit, hire and train an auditor

In Internal Auditing, ISO 19011, Supplier Audit, Supplier Audits, Supplier Qualification, Training on December 24, 2012 at 11:44 pm

Part 3: Training

Passing a webinar on auditing does not make you competent.

Does your company ask incoming inspectors to update CAD drawings when there is a design change? Of course not. Your company has engineers that are trained to use SolidWorks, and it takes a new engineer a while to become proficient with the software. Auditing is a skill that you learn—just like SolidWorks.

My favorite holiday movie…I’ll be watching this later tonight!

I’ve never met a manager that wondered where the value was in having an engineer update a drawing, but many managers view internal and supplier audits as a necessary evil. Instead of asking the expert how few audit days you can get away with, ask the expert: “What is the purpose of auditing?”

The purpose of internal auditing is to confirm that the management system is effective and to identify opportunities for improvement. The purpose of supplier auditing is to confirm that a supplier is capable of meeting your needs and to identify opportunities for improvement. Therefore, if an auditor has no nonconformities and no opportunities for improvement were identified—what a waste of time!

To receive value from auditing, you need auditors that are competent. In clause 6.2.1 of the ISO 13485 Standard it says, “Personnel performing work affecting product quality shall be competent on the basis of appropriate education, training, skills and experience.” As the audit program manager, make sure you recruit people that demonstrate auditing competency.

Education

First, educational background is important for auditors. You cannot expect someone who has never taken a microbiology course in their life to be an effective auditor of sterilization validation. Likewise, someone that has never taken a course in electricity and magnetism will not be effective as an auditor for active implantable devices. Therefore, determine what types of processes the auditor will be auditing. Then make sure that the person you hire to be an auditor has the necessary education to understand the processes they will be auditing.

Training

Second, an auditor needs to be trained before they can audit. The auditor needs training in three different aspects: 1) the process they will be auditing, 2) the standard that is the basis for assessing conformity, and 3) auditing techniques. If you are going to be auditing printed circuit board (PCB) manufacturers with surface-mount technology (SMT), then you need to learn about the types of components used to make PCBs and how these components are soldered to a raw board. I know first-hand that anyone can learn how SMT works, but it took me a few months of studying.

If your company is only selling medical devices in the USA, then you will need to learn 21 CFR 820 (i.e. – the QSR). However, if your company also sells devices in Europe in Canada you will need to learn ISO 13485, the MDD (93/42/EEC as modified by 2007/47/EC), and the Canadian Medical Device Regulations (CMDR). I learned about ISO 13485 in a four-and-half day lead auditor course in Florida, I learned about the MDD in a three-day CE Marking Course in Virginia, and I learned about the CMDR in a two-day course taught by Health Canada in Ontario. A 50-minute webinar on each regulation is not sufficient for auditing.

Finally, you need training on the techniques of auditing. A two day course is typically needed. I took a 50-minute webinar and passed a quiz before conducting my first internal audit, but I was not competent.

Skills

Third, an auditor needs specific skills to be effective as an auditor. The most critical skills are: 1) communications skills, 2) organizational skills, and 3) analytic skills. Communications skills must include the ability to read and write exceptionally well and the auditor needs to be able to verbally communicate with auditees during meetings and interviews. The most difficult challenge for auditors is covering all the items in their agenda in the time available. The auditor rarely has more time than the need to audit any topic, and audit team leaders must be able to manage their own time as well as simultaneously managing the time of several other auditors. 

Experience

Last, but certainly not the least important aspect of auditor competency is experience. This is why 3rd party auditors are required to act as team members under the guidance of a more experienced auditor before they are allowed to perform audits on their own. This is required regardless of how many internal or supplier audits the person may have conducted in the past. More experienced auditors are also required to observe new auditors and recommend modifications in their technique. Once a new auditor has completed a sufficient number of audits as a team member, the auditor is then allowed to practice leading audits while being observed. After six to nine months, a new auditor is finally ready to be a lead auditor on their own. An internal auditor does not need the same degree of experience as a 3rd party auditor, but being shadowed 2-3 times is not sufficient experience for an auditor (1st or 2nd party). For more information about this topic, please read my blog posting on auditor shadowing.

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

If you are an audit program manager, and you would like to improve your own competency, please contact me to learn about a new advanced course specifically for audit program managers. I am teaching a course with Brigid Glass. The course is designed specifically for audit program managers—not for inexperienced auditors. It will be a two-day course, and we are offering the course in three different cities: San Diego, CA (April 11/12), Orlando, FL (April 15/16) and Las Vegas, NV (April 17/18). Please Contact Me if you would like to learn more about the course.

Click Here

I am also teaching a one-hour, audio seminar with FX Conferences on January 9th:

“Are Your Suppliers Qualified? Prove It.”

This seminar will cover the areas of supplier qualification, supplier evaluation and supplier auditing. We already have a large number of companies signed-up for the seminar, and I am looking forward to having you join us.

This blog started as a single posting, but I realized that the blog was much too long. Therefore, I split the blog into three separate postings. This is the final “Part 3 of 3”. I hope you have enjoyed it. If you have suggestions for my next posting, please let me know.

Great Instructors and the Power of a SNICKERS

In Canadian Medical Device Regulations, CMDCAS, Training on November 13, 2012 at 3:57 am

I guess there are still some instructors out there that need to be reminded that we can all read the regulations on our own. We don’t need to pay $1,000+ per day in order to have someone read stuff for us. If that’s what you want, my 10-year old son is a fantastic reader. He’ll record anything you want, in any media format, for a much smaller dollar figure.

If you want to learn something that is worth at least as much as your investment of time and money, then you need to find an instructor that can teach effectively. There are four prerequisites for a great instructor:

1. The instructor must be an expert.

2. The instructor must inspire participation.

3. The instructor must provide practical examples for each student.

4. The instructor must get everyone’s attention–and keep it.

The most important determining factor of training effectiveness, however, occurs after the course is over.

You may have read my other posting with two songs by the lead singer of Pink Martini–China Forbes. However, China was unable to sing for a period of time and Storm Large was the guest singer that helped keep their tour going. Storm is larger than life and so passionate, but this performance is only one side of her personality…

When you are teaching quality assurance and regulatory affairs, you must develop your ability to inspire and engage students to Olympic medalist proportions. “Blah, blah, blah…” and “Death by PowerPoint” will get you fired. Don’t read your slides, don’t turn your back on the audience (or they’ll attack), and PLEASE don’t ever ask someone to read the definition of nonconformity out loud to the rest of the group. When I teach a class you demand my best. I’m six-foot, six inches tall and I have a loud booming voice. My mother has red hair and she was an opera singer. I’ve got the voice to fill any auditorium, and the stage presence to match. But if you even start to nod off in class, I may just have to throw a Snickers bar at you.

This is an essential tool for any instructor. It functions as a tool to prod sleeping students awake, is small enough to cause minimal injury when thrown, serves as an emergency food supply, and it’s gluten free.

If legal council recommends against using projectiles to encourage class participation, you might also consider one of my all-time genius ideas. I was scheduled for a 2-day course in Ottawa, but the day before I needed to perform an audit in Pennsylvania. Therefore, my flight was the last flight into Ottawa–arriving at approximately 1 am. My flight was delayed more than an hour and the person in front of me was trying to smuggle an extra carton of smokes into the country. Just before 4 am my taxi arrived at the Albert at Bay Suite Hotel. Class started at 8 am. I made it to class on time, and excessive consumption of several pots of black coffee helped get me to lunch. Then my legs started getting a little wobbly. Fortunately, there was a convenience store next door that sold my favorite chocolate–the Dark Aero bar! After four of these monstrous organisms of cacao, and another pot of coffee, I could have listened to the lecture on Canadian Medical Device Regulations all night.

The closest chocolate companies have come to selling the body of Christ.

Hershey’s copied them, but the result was a mere shadow of the Nestle’s greatness. Canadian’s know how to make junk food, tell a joke and play hockey!

Despite the physical handicap of sleep deprivation, I still learned a ton from my course in Canada. Here’s why:

1. The instructors were experts. Both instructors were regulatory experts and Canadian. Both instructors taught this course twice a year for multiple years, and one of the instructors actually worked for Health Canada.

2. The instructors were blessed with the perfect audience that was hyper-motivated to pass the course. Everyone in the class worked for a Notified Body that had sponsored them to take the course. In order to stay employed and get a raise, I needed to pass that course. If I failed the exam, I had to absorb the cost to travel back to Ottawa and retake the course in February (BRRRR!).

3. Everyone has different experiences and therefore not every example makes sense to us. Therefore, instructors need to use practical examples that are actionable. In  this course, the instructors brought more than a dozen medical devices to the class. We studied the labeling and the intended use of each device. Even students from Japan, Europe and Australia were familiar with some of the products. This was critical, because we all needed to be able to identify incorrect Canadian labeling.

4. The greatest asset of all was the humor of the instructor from Health Canada. He was hilarious. He had everyone laughing at his jokes for the entire course. Most of the jokes were not funny enough for a stand-up routine, but this was a mandatory regulatory course on Canadian regulations. Who would even expect a chuckle.

Despite the strengths of these instructors, there is only one reason why I know the Canadian Medical Device Regulations (CMDR) as well as I do. I use them every single week.

Here are some examples of how I used the CMDR:

First, I had to audit 162 days for BSI in 2011. Ninety percent of those 162 days were for companies that required a Canadian Medical Device License. Therefore, I started auditing companies to the Canadian regulations immediately after the course.

Second, I was also consulting for companies at the same time I was auditing for BSI. Consulting clients hired me to prepare and submit Canadian Medical Device License Applications for them. I also had to revise and create new procedures specific to the Canadian regulations. I spent another 60+ days in 2011 doing consulting.

Finally, I was one of BSI’s instructors that taught the a regulatory comparison course that compared the regulations of the USA, Canada, Europe, Australia and Japan. Therefore, at least once a month I had a classroom of 6-20 people asking me challenging questions about how to interpret and apply the regulations from each of these countries to their products.

I used every bit of knowledge I learned in that course in Ottawa and I started using that knowledge immediately after the course. I had peers, superiors, clients and students challenging my knowledge of these topics every day. This is what makes you an expert.

If you need to learn something about Quality Assurance or Regulatory Affairs, a one-hour webinar is not enough. Reading a blog is not enough. Taking a 5-day class is not enough. Shadowing another more experienced person is not enough. In the end, all of the above will get you to barely competent!  If you want to learn, you need a great instructor. Then you need to use everything you learned at every opportunity for several years.

Some say, “If you can’t do, teach.”

I say, “Bring a SNICKERS bar and throw it at them for faking it.”

For those of you that are brave enough, Storm will perform an encore that shows you a little of the wild side that we all need to unleash from time to time (even us regulatory geeks). I think she might have had more than one candy bar before this performance.

A Brief (650 Words) Training Module on Plan-Do-Check-Act (PDCA)

In PDCA, Training on October 22, 2012 at 3:00 am

For this posting, I have decided to tease my readers. You’ll have to join my new subgroup to read this posting.

Please join our subgroup to get the FREE training.

For those of you that feel gypped, here’s one of my favorite songs. 19 million viewers agree that U2 is one of the most amazing bands on the planet.

If you are one of those people like me that just can’t stand to drop one of your 50 LinkedIn Groups, then you can connect with me on LinkedIn or send me an email requesting it. If you are already a member of Joe Hage’s Medical Device Group, you don’t have to drop a group.

How do you Learn New Regulations? Normal, Lazy or Strategically?

In Authorized Representative, CE Mark, CE Medical, Medical CE, Training on October 3, 2012 at 4:06 am

For those of you that want some background music while they read tonight, I offer you a doppio caffè macchiato this evening. The first shot is an amazing interpretation of the famous song “Somewhere Over the Rainbow”. As someone that has sung this song hundreds of times, I never expected to hear a version that I would like more than Judy Garland’s. Now I have. My favorite part of the song was when Stephan Braun is playing a cello like a guitar and Melody Gardot stops singing and starts to brush the snare drum—and I love her voice.

Last week I mentioned the draft EU regulations that were released, and I am still reading them. I am sure some of you have already finished at least one of the two regulations, but I am a slow reader. Sure I have skimmed the regulations, but I really need to read every word of the regulations several times before I have absorbed the bulk of the content. While I was reading during my lunch today, I was wondering how other regulatory experts learn new material. After all, there is nobody to take a course from yet and a one hour webinar is not enough.

Some people like to listen to books on tape during their morning ride, but I think the market might be a little small for medical device regulations. We could use technology to convert the PDF format into an eBook format that can be read electronically to us on our commute to work, but I learn Standards visually rather than verbally.

Last year I published a blog titled “Never Stop Learning.”

In that post, I presented a model for learning that I find helpful for explaining my philosophy for training people. The first step in my Learning Pyramid is to “Read and Understand.” I call this the “newbie” stage. That is the stage most of us are at right now for the draft EU regulations. The next stage of the Learning Pyramid is “Show and Tell”. A course or seminar related to the draft regulations would involve a training telling us about the draft regulations and showing us some PowerPoint slides to help us visualize the changes. I think the technical term for this type of torture is “Death by a Million PowerPoint Bullets.” If your instructor is thorough in their efforts to torture you, then you will conclude this training with a quiz to demonstrate training “effectiveness.”

If you are lucky, you will start using some of that new-found knowledge immediately after the course. If you just had your 400th birthday, as I did last week, then you might have a little trouble remembering all the details you “learned” in that training course in a matter of weeks. Now what can you do?

Look it up! Isn’t that what your teachers told you when you were growing up?

If you need to know what the proposed requirements are for Authorized Representative Agreements, you can use the search function in Adobe Reader to search for the word “agreement”. After just six clicks of the mouse you will find where this is mentioned in Article 10 of the draft. As you read Article 10, you will rejoice! Instead of the 17-page voluminous guidance document identified as MEDDEV 2.5/10 (released in January of 2012), we now have 144 words with just four simple minimum requirements. This is streamlined.

Over the next year or two I expect that most the regulatory experts will gradually work their way up the Learning Pyramid to the top of the third level. This is the point where we can now claim competency.

So how do you become an expert? In order to achieve the mighty title of “Guru” you must teach others. My blog from 2011 on learning explains how the action of teaching actually teaches the instructor as much as it teaches the student.

So what’s my point?

Don’t be normal:

  1. skim the draft regulations now
  2. take a course on the regulations in 2013
  3. start revising procedures and technical documentation in 2014
  4. start developing an in-house training course on the new regulations in 2015
  5. finish training all the employees in 2016

Definitely don’t be lazy:

  1. wait for the final approval of the regulations in 2014
  2. take a webinar on the new regulations in 2015
  3. get a nonconformity for noncompliance in 2016
  4. hire a consultant to fix your procedures in 2017
  5. start looking for a course on the regulations in 2018

Instead, be a leader and accelerate your training strategically:

  1. read and re-read the draft regulations now
  2. read blogs and discussion threads related to the draft regulations for the next couple of months
  3. take a webinar on the draft regulations this November 28th (mark your calendar)
  4. draft a plan for revising procedures in 2013 and updating technical documentation in 2014
  5. get management approval for a training course in 2013 and resources to update procedures as per your plan
  6. take a course on the draft regulations in the first quarter of 2013; you should have quite a few questions now that you have a plan and resources
  7. make adjustments to your plan and execute it on-schedule
  8. create a training program for the company just prior to final approval in late 2013
  9. make revisions to the procedures based upon feedback from trainees in your in-house course
  10. develop a detailed team plan for updating the technical documentation
  11. retraining everyone and review the updating plan
  12. make updates to technical documentation 2014 as a team
  13. be one of the first companies to get a certificate to the new regulations in 2015

As I was writing my response to a request for additional information today, I was listening to one of my Pandora stations and one of my newest favorite singers was singing “Worrisome Heart.” Her soothing voice echoed in my head all the way home. I drive through 75 miles of beautiful countryside like my picture below, and now the autumn foliage is at its peak.

Typical Scenery on My Daily Commute

When I sat down to write my blog tonight, I decided to hunt for one of her recordings on YouTube for my background entertainment. Instead I decided to pick a double shot. For the second shot, I have selected one of the more popular videos by Melody Gardot: “Baby I’m a Fool.” This was the first time I have seen her play the guitar, because I have only listened to her on Pandora. The song has more of a country/blues sound to it than most of her other music, but I encourage you to listen to more of her music. Follow my rule…”A double shot is never enough.”

Never Stop Learning

In ISO 14971, Medical Device, QA, Quality, Quality Management Systems, Risk Management, Training on April 2, 2011 at 2:30 pm

One of my family’s favorite songs is “Come on Get Higher” by Matt Nathanson. Two years ago I tried to purchase this for my wife as a Christmas present. Unfortunately, I couldn’t remember who sang the song. I tried searching the web for the lyrics and found out that Sugarland sings it. I remembered the logo on the album cover, went to the store and bought the album. After I got home I realized that the song wasn’t on the album. Back to the store I went and found another version of the album with some live versions of songs—including “Come on Get Higher.” Just to make sure I had the right song, I decided to open the package and play it. My music video selection for this blog is what I heard. I guess we never stop learning, but I did fall in love with Country music at the age of 38…

I am in Canada, it’s almost midnight, and this client has me thinking so hard that I can’t sleep. I am here to teach the company’s Canadian facility about ISO 14971:2007—the ISO Standard for Risk Management of medical devices.

                Most of the companies that request this training are doing so for one of two reasons: 1) several of their design engineers know almost nothing about risk management, or 2) they have several design engineers that are quite knowledgeable with regard to risk management but these engineers have not maintained their credentials and their last risk management training was to the 2000 version of the Standard. This company falls into the second category.

                I always tell students that I learn something by teaching each course. From this company, however, I have learned so much. This company has forced me to re-read the Standard a number of times and reflect on the nuances of almost every single phrase. I have learned more about this Standard in one month than I learned in the 3.5 years since I first took the course I am now teaching.

                I have developed a model for learning that explains this phenomenon. I call this model the “Learning Pyramid.” At the base of the pyramid there are “Newbies.”

               This is the first of four levels. At the base, students read policies and procedures with the hope of understanding.

                In the second level of the pyramid, the student is now asked to watch someone else demonstrate proper procedures. One of my former colleagues has a saying that explains the purpose of this process well, “A picture tells a thousand words, but a demonstration is like a thousand pictures.” This is what our children call “sharing time,” but everyone over 40 remembers this as “show and tell.”

                In the third level of the pyramid, the student is now asked to perform the tasks they are learning. This is described as “doing,” but in my auditing courses I refer to this process as “shadowing.” Trainees will first read the procedures for Internal Auditing (level 1). Next trainees will shadow the trainer during an audit as a demonstration of proper technique (level 2). During subsequent audits, the trainees will audit and the trainer will shadow the trainee (level 3). During this “doing” phase, the trainer must watch, listen and wait for what I call the “Teachable Moment.” This is a moment when the trainee makes a mistake, and you can use this mistake as an opportunity to demonstrate a difficult subject.

                Finally, in the fourth level of the Learning Pyramid we now allow the trainee to become a trainer. This is where I am at—so I thought. I am an instructor, but I am still learning. I am learning what I don’t know.

                The next step in the learning process is to return to the first level. I am re-reading the Standard and procedures until I really understand the nuances that I was unaware of. Then I will search for examples in the real world that demonstrate these complex concepts I am learning. After searching for examples, I will test my knowledge by attempting to apply the newly acquired knowledge to a 510(k) or CE Marking project for a medical device client. Finally, I will be prepared to teach again.

                This reiterative process reminds me of the game Chutes and Ladders, but one key difference is that we never really reach the level of “Guru.” We continue to improve, but never reach our goal of perfection…For further inspiration try reading “Toyota Under Fire.”

The Perfect Pecan Pie – Recipe # 14,971

In International Standard, ISO, ISO 14971, Risk Management, Training on February 7, 2011 at 6:42 am

Hats off to Woodson and the rest of the Packers! My team was the Patriots, but I’m happy to see that the Packers showed some real heart and overcame their injuries to win the trophy. As for the half time show…I thought it was more lights than music. I included a link to the half-time show at the end of this blog, but I thought the Black Eyed Peas video called “The Time (Dirty Bit)” is much more entertaining.

                For those of you familiar with the ISO 14791:2007 Risk Management Standard, you may have already figured out the topic of this blog. For the rest of you…did you really think I tried perfecting my recipe for pecan pie nearly 15,000 times?

                A couple of years ago, a client of mine asked me to give them a training course on Risk Management—specifically an overview of ISO 14971:2007. In my struggle to find a fresh way of engaging the interest of my client’s employees, I developed the concept of using the principles of Risk Management in a more tasty application. Back in 2006 I developed a five-minute presentation on how to make “The Perfect Pecan Pie.” For this new three-hour presentation, I tortured my students with a homemade pecan pie that I placed in the middle of the conference room table.

                This presentation included several tools to help my students remember the principles of Risk Management. First, the alliteration of the letter “P” throughout the presentation beat my message steadily into their subconscious. My second weapon was the smell of a warm, fresh, pecan pie. Third, I used analogies to the pecan pie making process for each aspect of the Risk Management Process. Fourth, I used vivid descriptions throughout my presentation to help everyone visualize the sweet, praline confection at each step of the baking process. And finally, I burned the experience into their brains forever with the taste of the Perfect Pecan Pie.

                Not everyone loves Pecan Pie as much as I do, and not everyone has tried making the Perfect Pecan Pie as many times as I have. I have made gooey pies, sickeningly sweet pies, pies that crack and crumble, pies that were barely cooked, pies without a crust, and pies without a filling. If you plan to coordinate your entire presentation around the concept of a homemade pecan pie you made in your kitchen last night, you had better have a proven Risk Management process to reduce the risk of embarrassing yourself.

                Please read my next several blogs as I unveil the secret to making the Perfect Pecan Pie—one slice at a time:)

                Here’s some of the half time show…(assuming the link is not taken down).

How to Write Better Procedures

In Improvement, International Standard, ISO, ISO 13485, Quality, Quality Management Systems, Training on January 28, 2011 at 3:08 am

Knowing that we have the “Big Game” half-time show coming soon, I thought I would share a video of the 2007 show by Prince (Thank you for the suggestion Greg).

                During a CAPA course I taught earlier today, one of the attendees asked if I have a course on “How to Write Better Procedures.” Unfortunately, the only material I could offer was material from a course I taught on “Training the Trainer.” That training course focused on visual communication. There are several books related to Lean Manufacturing that explain in depth how to use visual communication to replace text (i.e. – “a picture says a thousand words”). During my ride home, however, I thought of a few other ideas that might help anyone that is in the process of writing or re-writing a procedure.

My first suggestion is to develop a standardized format for procedures. If you have a procedure for writing procedures, just make sure you allow the flexibility to deviate from the standardized format. The Standard does require that procedures have a “mandatory” format. Referring to the standardized formatting as “suggested formatting” will avoid unnecessary nonconformities.

My second suggestion is avoid making unnecessary references to other external standards. If you are writing a procedure on risk management—it makes sense to reference ISO 14971. It does not make sense to reference all the other risk analysis Standards unless you are specifically using them to perform risk analysis. Included in this category would be references to other regulatory requirements such as 21 CFR 820, the FDA QSR, or Part 1 of the Canadian MDR. Companies can claim compliance with other requirements in the Quality Manual instead. What should be referenced in a document is any related procedures or forms.

Another related suggestion is to avoid including the revision of a Standard. This is just another opportunity for unnecessary nonconformities. If you don’t specify the revision, then an auditor can only assume that the most current revision of the Standard is implied. If changes to a Standard are minor, no changes to a procedure may be warranted and a revision to the procedure can be avoided—assuming that the revision of the Standard is not specified. Some argue that you should include the revision and update the reference to document that the procedure was reviewed to see if changes were warranted. This is unnecessary. A review of procedures, where the decision is made for “no change”, can easily be documented in the Management Review under the category of “New and Revised Regulatory Requirements.”

My fourth suggestion is to indicate the process owner and training requirements associated with each procedure. By doing this, it is easier to define who is responsible for reviewing and revising procedures—as well as who is assigned CAPAs if there is finding related to the process in question. For the training requirements, the process owner should specify who needs to be trained on the process. Why? They know the procedure best. If there is a “grey area,” this should be resolved with the department manager for the job function in question. In addition, retraining requirements should be specified. By this, I mean that it is a good idea to indicate if retraining is required when a procedure has been revised. If the revision is minor, training should only be required for people that have not been trained to a previous revision.

There are a couple of great ways to identify when retraining is required for a revision and when no retraining is required, but I’ll leave those ideas for another blog…

My fifth suggestion is to adopt the Plan-Do-Check-Act (PDCA) model for the structure of procedures. For the “Plan” portion, the procedure should explain how to prepare to do something. This planning activity can apply to anything from planning to perform an audit to planning to inspect incoming raw materials. The “Do” portion is what most people refer to as the “Procedure” section. The “Check” portion of the procedure is a great place to specify the monitoring and measurement requirements for the process (see Section 8.1 of the Standard). Finally, the “Act” portion of the procedure should indicate what to do when target metrics are not met. For example, what should be done when an alert limit is reached? What should be done when an action limit is reached?

My final suggestion is to include revision history. It’s extremely helpful to know which ECO approved the document revision, why the changes were made, the nature of changes, whether there is a related corrective action, and when the change was made.

Sorry about the length of this blog…I hope this helps you Darcy.

The Secret to Successful Training

In Internal Auditing, International Standard, ISO, ISO 13485, Medical Device, QA, QC, Quality, Quality Management Systems, Training on January 7, 2011 at 3:32 am

About 10 years ago my CD collection was stolen and I haven’t heard this tune since. Sass Jordan might be a little raw for your average professional but everyone needs to loosen up sometimes. Just-in-case you were wondering, I think this CD (Rat) was next to the Greatest Hits of Ella Fitzgerald—which they left behind. I love the singing by both women but for very different reasons.

Recently a client asked me to create a training course on how to train operators. I could have taught the operators myself, but there were so many people that needed training that we felt it would be more cost effective to train the trainers.

                Usually I have multiple presentations archived that I can draw upon, but this time I had nothing. I had never trained engineers on how to be trainers before—at least not formally. I thought about what kinds of problems other Quality Managers have had in training internal auditors and how I have helped the auditors improve. The one theme I recognized was that most auditors needed feedback.

                I finally decided to use the Deming Cycle (Plan-Do-Check-Act, or PDCA) as my framework for the training. Most QA Managers are very experienced and have little trouble planning an audit schedule. The next step is to do the auditing. The problem is that there is very little objective oversight of the auditing process. The Standard requires that “Auditors shall not audit their own work.” Therefore, most companies will opt for one of two solutions for auditing the internal audit process: 1) hire a consultant, or 2) ask the Director of Regulatory Affairs to audit the internal auditing process.

                Both of the above strategies meet the requirements of the Standard, but neither strategy helps to make internal auditors better. I have interviewed a lot of audit program managers, maybe 50+, and the most common feedback for auditors is “change the wording of this finding” or “you forgot to close this previous finding.” This type of feedback is related to the report writing phase of the audit process. I rarely hear program managers explain how they help auditors improve at the other parts of the process.

                When auditors are first being trained we typically will provide examples of best practices for audit preparation, checklists, interviewing techniques AND reports. After the auditors have been “shadowed” by the program manager for an arbitrary three times the auditors are now miraculously “trained.” Let’s see if I can draw an analogy that will make my point…

                That kind of sounds like watching your 16 year-old drive the family car three times and then giving them a license. I guess that’s why my new Ford Festiva was severely dented on all four sides within 6 months. You might think my father was a Saint, but I think he might have totaled his tenth car by age 18. At least I contained the damage to one vehicle.

                Anyway the key to training auditors to audit, or anyone on anything, is consistent follow-up over a long period of time.

                The question is…was my training successful?

                Well, how much follow-up training of the trainers did the client ask for?

%d bloggers like this: